Lucene search
ApacheCVELIST:CVE-2023-31101HistoryMay 22, 2023 - 3:17 p.m.
CVE-2023-31101 Apache InLong: Users who joined later can see the data of deleted users
2023-05-2215:17:42
CWE-1188
apache
www.cve.org
2
apache inlong
data visibility
security vulnerability
user data
software upgrade
resource initialization
EPSS
0.001
Percentile
30.8%
Insecure Default Initialization of Resource Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.5.0 through 1.6.0. Users registered in InLong who joined later can see deleted users’ data. Users are advised to upgrade to Apache InLong’s 1.7.0 or cherry-pick https://github.com/apache/inlong/pull/7836 https://github.com/apache/inlong/pull/7836 to solve it.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Apache InLong",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "1.6.0",
"status": "affected",
"version": "1.5.0",
"versionType": "semver"
}
]
}
]Related
veracode
veracode
Information Disclosure
2023-05-24 03:55:50
cve
cve
CVE-2023-31101
2023-05-22 16:15:10
prion
prion
Default configuration
2023-05-22 16:15:00
osv
osv
CVE-2023-31101
2023-05-22 16:15:10
User data exposure in Apache InLong
2023-05-22 18:30:27
huntr
huntr
Users who joined later can see the data of deleted users
2023-04-03 12:35:36
cnvd
cnvd
Apache InLong Information Disclosure Vulnerability (CNVD-2023-42964)
2023-05-28 00:00:00
github
github
User data exposure in Apache InLong
2023-05-22 18:30:27
nvd
nvd
CVE-2023-31101
2023-05-22 16:15:10